<?php
include('../variables.php');

$lang_file = "../languages/$lang.php";
include($lang_file); 

$connect = mysql_connect($host,$username,$password);
if (!$connect) {
   die('Could not connect: ' . mysql_error());
}
@mysql_select_db($database) or die( "Unable to select database");

$id = $_GET['id'];

	// generate and execute query
	$query = "SELECT * FROM files WHERE id = '$id'";
	$result = mysql_query($query) or die ("Error in query: $query. " .
mysql_error());

	// if a result is returned
	if (mysql_num_rows($result) > 0)
	{
  // turn it into an object
  $row = mysql_fetch_object($result);

?>
<html>
<head>
	<link href="../css/default.css" rel="stylesheet" type="text/css" />
<title><? echo $lang_edit_file;?></title>
</head>
<body>
<?php include("../includes/header.php"); ?>
<?

$paypalname = $row->paypalname;
$filename = $row->filename;
$origfilename = $row->filename;
$price = $row->price;

$paypalname = htmlspecialchars($paypalname, ENT_QUOTES);
$filename = htmlspecialchars($filename, ENT_QUOTES);
$origfilename = htmlspecialchars($origfilename, ENT_QUOTES);

if (!isset($_POST['submit']))
{
?>

<table cellspacing="5" cellpadding="5">
<form action="<? echo $PHP_SELF; ?>" method="POST" enctype="multipart/form-data">
<input type="hidden" name="id"  value="<? echo $id; ?>">
<tr>
	<td valign="top" align="right"><b><font size="-1"><? echo $lang_name_of_item;?></font></b></td>
	<td><input size="50" maxlength="250" type="text" name="paypalname" value='<?
echo $paypalname; ?>'></td>
</tr>
<tr>
	<td valign="top" align="right"><b><font size="-1"><? echo $lang_price;?></font></b></td>
	<td><input size="10" maxlength="250" type="text" name="price" value='<?
echo $price; ?>'></td>
</tr>


<tr>
	<td valign="top" align="right"><b><font size="-1"><? echo $lang_file;?><br></font></b></td>
	<td>
 <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
<input name="thefile" type="file" id="thefile">


</td>
</tr>

<tr>
	<td colspan=2><input type="Submit" name="submit" value="<? echo $lang_update;?>" class="button"></td>
</tr>
</form>
</table>
<?
}
else
{

$uploadDir = '../myfiles/';

$fileName = $_FILES['thefile']['name'];
$paypalname = $_POST['paypalname'];
$price = $_POST['price'];

if ($fileName != "")
{

$myFile = $uploadDir . $origfilename;
unlink($myFile);

$filename = $_FILES['thefile']['name'];
$tmpname = $_FILES['thefile']['tmp_name'];
$fileSize = $_FILES['thefile']['size'];
$fileType = $_FILES['thefile']['type'];




$ext = substr(strrchr($filename, "."), 1);

$filePath = $uploadDir . $filename;

$result = move_uploaded_file(stripslashes($tmpname), stripslashes($filePath));
chmod(stripslashes($filePath), 0777);
}
else
{
$filename = $origfilename;
}

if (!result)
{
echo "File upload error.";
}

  // generate and execute query
  $query = "UPDATE files SET filename = '$filename', paypalname = '$paypalname', price = '$price' WHERE id = '$id'";
  $result = mysql_query($query) or die ("Error in query: $query. " .
mysql_error());

  // print result
echo "<div class=\"alert\">$lang_update_succesful</div>";

  // close database connection
  mysql_close($connect);
  }
  }
?>
</body>
</html>